ruby on rails - Authentication: Custom or Third Party -


i'm creating app in ruby on rails , have research devise, omniauth, , creating own custom version.

my question is: scenarios in use 1 of 3 choices above?

my take: - omniauth can provide quick registration through third party apis, require additional permissions access additional data - devise provides core functionality can customized based on applications needs - custom may extreme scenarios which, currently, not need

** i'm leaning towards devise provides core , allows me add onto that

additional considerations: - application needs sign in , access basic information for: location, language i18n, etc - application financial transactions (if you're paid member, et al).

going question: based on above, devise seem better choice? omniauth provide these features? when should use 1 versus other?

thanks

devise , omniauth different things - , used together.

devise provides full authentication package views, controllers , routes allow users sign up, edit user profiles, reset passwords, etc. devise can used without database authentication module provides signup via email password.

omniauth framework authentication users via oauth. omniauth unlike devise not ship views or controllers. instead need integrate oauth callbacks app. omniauth abstract away differences between different providers.

both can used provide user authentication via password or oauth example.

rolling own authentication solution not advisable. projects devise have hundreds if not thousands of man-hours behind them , many eyes viewing code base flaws. crappy home rolled auth solutions companies not invented here syndrom 1 of common security failures have lead user data , passwords being leaked.


Comments

Post a Comment

Popular posts from this blog

php - Wordpress website dashboard page or post editor content is not showing but front end data is showing properly -

Image
recently have uploaded wordpress site onto server. have uploaded wordpress site in sub-folder under root folder ../root(domain root folder)/wordpress (where host wordpress folder). now problem content data in page or post in dashboard of wordpress admin panel not showing - see image. but data showing in front view - see image. if not browser cache issue , not issue happened tinymce editor during upgrade; try add config file: define('concatenate_scripts', false);
Read more

How to get the ip address of VM and use it to configure SSH connection dynamically in Ansible -

i trying ip address of vm , trying use establish ssh vm. following script: --- - hosts: localhost become: yes connection: local gather_facts: false serial: 1 vars_files: - createvmvars.yml tasks: - name: gathering vm info. vsphere_guest: vcenter_hostname: "{{vcenter_hostname}}" username: "{{vcenter_username}}" password: "{{vcenter_password}}" guest: "{{guest_name}}" vmware_guest_facts: yes register: var - debug: msg="{{var.ansible_facts.hw_eth0.ipaddresses[0]}}" - name: establishing ssh connection. script: /home/shasha/devops/scripts/ssh_configure.sh "{{var.ansible_facts.hw_eth0.ipaddresses[0]}}" following content of ssh_configure.sh : #!/bin/sh ssh-keygen -t rsa ssh-copy-id $1 but when running playbook, getting following error while executing third task: error! 'var' undefined but debug module(second task) printin
Read more

javascript - Get parameter of GET request -

i make request: createxhrrequest( "get", fileurl, function( err, response ) { if( err ) { alert( "error get!" ); } alert(response); }); and full response: { "status" : "ok", "message" : "jvberi0xljqkjdduxdgkmy how can jvberi0xlj ? i try response.message , response["message"]. nothing works. just simple access this: var json = json.parse(response); json.message
Read more